package com.example.waibao.config;


//import com.example.sannong.handler.LoginSuccessHandler;

import com.example.waibao.Filter.JwtAuthenticationTokenFilter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)      //开启方法安全权限配置
public class  SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;

    @Autowired
    private AuthenticationEntryPoint authenticationEntryPoint;

    @Autowired
    private AccessDeniedHandler accessDeniedHandler;

    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {

        return super.authenticationManagerBean();
    }

    @Bean
    public PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder(); //注入加密的类
    }
//    @Bean
//    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
//        http
//                .authorizeHttpRequests((authz) -> authz
//                        .anyRequest().authenticated()
//                )
//                .httpBasic(withDefaults());
//        return http.build();
//    }
//
//
//
//    @Bean
//    public WebSecurityCustomizer webSecurityCustomizer() {
//        return (webSecurity) -> webSecurity.ignoring().requestMatchers("/ignore1", "/ignore2");
//    }



//    @Autowired
//    private LoginSuccessHandler loginSuccessHandler;
    private static final String URL_WHITELIST[] ={
            "/login2",
            "/findPage",
            "/updateUser",
            "/updateState",
            "/updateRules",
            "/getRules",
            "/checkToken",
            "/getUsername",
            "/addUser",
            "/deleteUser",
            "/findUser",
            "/menu_test",
            "/abc",
        "/update",
        "/rank",
        "/around",
        "/teacher_register",
        "/school_register",
        "/sse/connect",
        "/sse/close",
        "/get_school",
        "/sse/send",
        "/sse/send_box",
        "/task"

    } ;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //开启跨域以及csrf攻击关闭
        http.cors().and().csrf().disable();

        //登录配置
        http
                //.formLogin()
                //              .successHandler()
//                .failureHandler()
//                .and().
//                logout().
//                logoutSuccessHandler()

                //session禁用配置
               // .and()
                .sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS) //无状态

                //拦截规则配置
                .and().authorizeRequests().antMatchers(URL_WHITELIST).permitAll()//登不登录都能访问
                .and().authorizeRequests().antMatchers("/user/login").anonymous()//匿名访问，不用登录就能访问，登录后不能访问
                .anyRequest().authenticated();
        //添加过滤器
        http.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
        //配置异常处理器
        http.exceptionHandling()
                //配置认证失败处理器
                .authenticationEntryPoint(authenticationEntryPoint)
                .accessDeniedHandler(accessDeniedHandler);


    }


}
